ATLAS Landscape
AML.T0007
Discover AI Artifacts
Adversaries may search private sources to identify AI learning artifacts that exist on the system and gather information about them. These artifacts can include the software stack used to train and deploy models, training and testing data management systems, container registries, software repositories, and model zoos. This information can be used to identify targets for further collection, exfiltration, or disruption, and to tailor and improve attacks.
19 CVEs mapped
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| CRITICAL | CVE-2023-3765 | MLflow: path traversal allows arbitrary file read | mlflow | 10.0 |
| CRITICAL | CVE-2026-2635 | mlflow: security flaw enables exploitation | mlflow | 9.8 |
| CRITICAL | CVE-2024-0964 | Gradio: unauthenticated LFI exposes full server filesystem | gradio | 9.4 |
| CRITICAL | CVE-2023-34239 | Gradio: path traversal + SSRF exposes model files & infra | gradio | 9.1 |
| HIGH | CVE-2026-26286 | sillytavern: SSRF allows internal network access | sillytavern | 8.5 |
| HIGH | CVE-2026-44555 | open-webui: access control bypass via model chaining | open-webui | 7.6 |
| HIGH | CVE-2026-28414 | gradio: security flaw enables exploitation | gradio | 7.5 |
| HIGH | CVE-2024-39722 | Ollama: path traversal exposes server filesystem | ollama | 7.5 |
| HIGH | CVE-2024-39719 | Ollama: file existence oracle via api/create errors | ollama | 7.5 |
| HIGH | CVE-2024-1594 | MLflow: path traversal via URI fragment reads arbitrary files | mlflow | 7.5 |
| HIGH | CVE-2024-1483 | MLflow: path traversal exposes arbitrary server files | mlflow | 7.5 |
| HIGH | CVE-2023-43472 | MLflow: unauth REST API leaks sensitive ML data | mlflow | 7.5 |
| HIGH | CVE-2023-2356 | MLflow: path traversal allows unauthenticated file read | mlflow | 7.5 |
| HIGH | CVE-2025-7647 | llama-index-core: insecure /tmp dir, model theft risk | llama-index-core | 7.3 |
| MEDIUM | CVE-2024-47164 | Gradio: path traversal bypasses directory access controls | gradio | 6.5 |
| MEDIUM | CVE-2024-0451 | wpbot: missing auth exposes OpenAI account files | wpbot | 5.0 |
| MEDIUM | CVE-2024-6985 | lollms: path traversal allows arbitrary directory read | lollms | 4.4 |
| LOW | CVE-2024-7038 | open-webui: filesystem enumeration via admin error messages | open-webui | 2.7 |
| MEDIUM | GHSA-2f7j-rp58-mr42 | OpenClaw: info disclosure exposes host filesystem paths | openclaw | — |